In general, encryption provides:
  - Confidentiality: assurance that only authorized users can view messages
  - Integrity: assurance that only authorized users can change messages
  - Authentication: assurance that users are who they claim to be
  - Nonrepudiation: assurance that a message originated from the stated source
To the computer forensics investigator, the most common exposure to encryption is when confronted with encrypted files. It is becoming more common for subjects to use encryption to hide the contents of files. Although there are other valuable uses of cryptography, such as securing communication transmissions and authenticating the originator of a message, they are beyond the scope of this discussion. Our main concern is to understand the basics of cryptography and how to react when you encounter encrypted files. Most commonly, you will recognize encrypted files when an attempt to open a file with a known extension fails. For example, you attempt to open an encrypted Microsoft Word document in Microsoft Word, but you receive an error. The text of the error tells you that you need a converter to read the file. In other words, Microsoft Word does not recognize the encrypted contents of the file. Another sign of encrypted files is a collection of meaningless filenames. Many encryption utilities change the filenames to hide the meaning and type of the file.
There are two main types of encryption algorithms. An algorithm is the detailed sequence of steps necessary to accomplish a task. The first type of encryption algorithm uses the same value to encrypt and decrypt the original text. Such algorithms are called 'private key algorithms.' The second type of algorithm uses one value to encrypt the text and another value to decrypt it. These algorithms are called 'public key algorithms.' Each type has strengths and weaknesses, but they both serve the same function.
Encryption algorithms transform an original message, called plaintext, into an encrypted message, called ciphertext. The algorithm also generally provides a method for reversing the process by translating the ciphertext back into the original plaintext message. Here's an example. Suppose you want to send a message to a particular recipient that no one else can read. You choose to substitute each letter with an alternative letter. You take each letter in the original message and replace it with the letter that is three positions higher in the alphabet. So, you replace an 'A' with a 'D,' and replace a 'T' with a 'W.' To keep things simple, you rotate around the end of the alphabet so you replace a 'Y' with a 'B.' This is exactly how Caesar's cipher worked.
Our plaintext message (the original unencrypted message) is: Hello there.
Our encrypted message is: Khoor wkhuh.
All you have to do to decrypt the message is to reverse the process. Take each letter and replace it with the letter that is three positions lower in the alphabet. By doing so, you end up with the original message. The only requirement for this method to work is that both the sender and the receiver must agree on the specific rules. You'll see how that can cause some problems in a later section.
All algorithms use some type of value to translate the plaintext to ciphertext. Each algorithm performs steps using the supplied value to encrypt the data. The special value that the algorithm uses is the encryption key. Some encryption algorithms use a single key, while others use more than one. In the Caesar cipher, the key value is 3. The key value tells how many positions to add to the plaintext character to encrypt and the number to subtract from the ciphertext character to decrypt. As long as the sender and receiver both use the same algorithm and key, the process works.
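The Caesar cipher described above, worked through in code. This is an added example, not part of the original chapter: it encrypts and decrypts with a shared key, shows what happens when sender and receiver disagree on the key, and, since a Caesar key is one of only 26 values, recovers the key by scoring each candidate decryption against published English letter frequencies (the frequency table and the scoring approach are the example's own choices, not the chapter's).

```python
import math

# Relative frequency (percent) of each letter in English text, standard
# published values. Used only to score how English-like a candidate
# decryption looks.
ENGLISH_FREQ = {
    'a': 8.2, 'b': 1.5, 'c': 2.8, 'd': 4.3, 'e': 12.7, 'f': 2.2, 'g': 2.0,
    'h': 6.1, 'i': 7.0, 'j': 0.15, 'k': 0.77, 'l': 4.0, 'm': 2.4, 'n': 6.7,
    'o': 7.5, 'p': 1.9, 'q': 0.095, 'r': 6.0, 's': 6.3, 't': 9.1, 'u': 2.8,
    'v': 0.98, 'w': 2.4, 'x': 0.15, 'y': 2.0, 'z': 0.074,
}


def shift_char(ch, key):
    """Shift one letter by `key` positions, wrapping around the alphabet
    (so 'Y' + 3 -> 'B'). Case is preserved; non-letters pass through."""
    if 'a' <= ch <= 'z':
        base = ord('a')
    elif 'A' <= ch <= 'Z':
        base = ord('A')
    else:
        return ch
    return chr(base + (ord(ch) - base + key) % 26)


def caesar_encrypt(plaintext, key):
    """Replace every letter with the letter `key` positions higher."""
    return ''.join(shift_char(ch, key) for ch in plaintext)


def caesar_decrypt(ciphertext, key):
    """Decryption is the same operation with the key negated: the cipher is
    symmetric, so sender and receiver must share the one key value."""
    return ''.join(shift_char(ch, -key) for ch in ciphertext)


def english_score(text):
    """Log-likelihood of `text` under single-letter English frequencies.
    Higher means the text looks more like English."""
    return sum(math.log(ENGLISH_FREQ[ch])
               for ch in text.lower() if ch in ENGLISH_FREQ)


def recover_key(ciphertext):
    """Key discovery for a Caesar cipher: try all 26 keys and keep the one
    whose decryption scores highest. Illustrates why a 26-value key space
    offers no real protection."""
    return max(range(26),
               key=lambda k: english_score(caesar_decrypt(ciphertext, k)))


if __name__ == "__main__":
    ct = caesar_encrypt("Hello there.", 3)
    print(ct)                          # Khoor wkhuh.
    print(caesar_decrypt(ct, 3))       # Hello there.
    print(caesar_decrypt(ct, 5))       # wrong key: Fcjjm rfcpc.
    print(recover_key(ct))             # 3
```

Decrypting with a key the sender did not use yields nonsense, which is the agreement problem the text raises; the last function shows that with so few possible keys, "agreeing on the rules" is the only secret and it is a weak one.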
The easiest type of encryption to understand and use is the private key algorithm. This type of algorithm is also called a symmetric algorithm. It is symmetric because the decrypt function is a simple reversal of the encrypt function. It looks the same on both sides.
private key algorithm: An encryption algorithm that uses the same key to encrypt and decrypt.
This type of algorithm is simple and fast. It is the type of algorithm most frequently used for file encryption. All you need is the key and the algorithm, and you can decrypt the file. Although this type of algorithm is common for encrypting files, it can be more difficult to use for message encryption. The problem is the management of the encryption key. You need the key to decrypt a file or message. You have to find a way to get the key to the recipient in a secure manner.
symmetric algorithm: Another name for a private key encryption algorithm.
If someone is eavesdropping on all communication between you and your recipient, they will likely intercept the encryption key as well as any encrypted data. With the key, they will be able to decrypt files at will. For the purposes of computer forensics, you will more likely find encrypted files on media that were encrypted using a symmetric algorithm. The simple reason for this is that symmetric algorithms are fast and easy to use. Because you have only a single key, you don't need to specifically generate keys and then keep up with multiple values. That means all you need is the single key.
Don't infer that computer investigators only deal with file encryption using symmetric keys. You can, and will, run into various types of encryption and algorithms. Encryption is a discipline in itself. This section just highlights the issues you are most likely to encounter.
Key discovery is similar to password discovery. You need to find, deduce, or crack the encryption to get to the key. The biggest difference between cracking passwords and cracking encryption keys is that the latter is almost always harder and takes far longer. The simple explanation is that the plaintext for a password is generally limited to a couple dozen characters. The plaintext for a file could be gigabytes. Cracking the encryption key takes substantially longer than cracking a password.
Although many well-known symmetric encryption algorithms exist, here are a few of the more common ones:

Data Encryption Standard (DES)
  - First published in 1977
  - Adopted as the U.S. government standard for all data communications
  - Uses a 56-bit key (plus eight parity bits)
  - Old and weak by today's standards

Triple DES (3DES)
  - More secure than DES
  - Uses three separate DES encryption cycles

International Data Encryption Algorithm (IDEA)
  - International standard designed to be stronger than DES
  - Keys are longer than DES keys (start at 128 bits)

Blowfish
  - Stronger alternative to DES and IDEA
  - Key size can vary from 32 bits to 448 bits

Skipjack
  - Optimized for embedded operation in chips
  - Used in the Clipper and Capstone chips
  - Key size is 80 bits

Advanced Encryption Standard (AES)
  - The latest, strongest standard
  - Based on the Rijndael cipher
  - Key sizes are 128, 192, or 256 bits
Each algorithm in the previous list can effectively encrypt files. The list is sorted in general algorithm strength order. For more security, use a newer algorithm and a secure key. Research some of the common encrypt/decrypt utilities and compare the algorithms they support.
The other type of encryption algorithm is the public key algorithm. This type of algorithm is also called an asymmetric algorithm because the decrypt process differs from the encrypt process. The asymmetric encryption algorithm addresses the issue of key distribution. Two keys are required to complete the encrypt-decrypt process.
public key algorithm: An encryption algorithm that uses one key to encrypt plaintext and another key to decrypt ciphertext.
The process starts with key generation. The software that encrypts plaintext will also have a utility to generate keys. When asked, the user supplies a passcode and the utility uses the passcode to generate a private key and a public key. You must keep the private key secret and not disclose it to anyone. You can distribute the public key to anyone. The encryption algorithm uses one key to encrypt plaintext and the other key to decrypt the resulting ciphertext.
passcode: A character string used to authenticate a user ID to perform some function, such as encryption key management.
The resulting process allows you to encrypt data with your private key. Anyone who has the public key can decrypt the file or message. This process provides the ability to verify that a file or message originated from a specific person. If you can decrypt a file with Fred's public key, Fred had to encrypt it with his private key. Although this is great for sending messages and verifying the sender's identity, it doesn't provide much value if all you want to do is encrypt some files.
asymmetric algorithm: Another name for a public key encryption algorithm.
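The two-key process the text describes, shown with textbook RSA on deliberately tiny numbers. This is an added example and not code from the chapter: the primes, the exponent 17, the names "Fred" and "Alice", and the byte-at-a-time encoding are all constructed for illustration. It generates a key pair, transforms data with the private key, and shows that only the matching public key recovers it, which is how "decrypting with Fred's public key" ties the data to Fred.

```python
from math import gcd


def make_keypair(p, q, e=17):
    """Textbook RSA key generation from two primes p and q.
    Returns (public_key, private_key); each key is (exponent, modulus).
    Toy sizes only: real keys use primes of hundreds of digits."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse, e*d == 1 (mod phi); Python 3.8+
    return (e, n), (d, n)


def apply_key(values, key):
    """Raise each value to the key's exponent modulo n."""
    exp, n = key
    return [pow(v, exp, n) for v in values]


def encrypt_with_private(message, private_key):
    """Transform each byte with the private key (the text's 'encrypt with your
    private key'). One byte per RSA operation is a teaching simplification;
    real systems pad the whole message and use a large modulus."""
    return apply_key(message, private_key)


def decrypt_with_public(ciphertext, public_key):
    """Undo the transform with a public key. Returns the recovered bytes, or
    None when the result is not byte data, which is what a mismatched key
    produces."""
    values = apply_key(ciphertext, public_key)
    if any(v > 255 for v in values):
        return None
    return bytes(values)


if __name__ == "__main__":
    # Constructed key pairs: Fred (p=61, q=53 -> n=3233) and Alice (p=97, q=89).
    fred_pub, fred_priv = make_keypair(61, 53)
    alice_pub, alice_priv = make_keypair(97, 89)

    ct = encrypt_with_private(b"Hello there.", fred_priv)
    print(decrypt_with_public(ct, fred_pub))    # b'Hello there.' -> Fred produced it
    print(decrypt_with_public(ct, alice_pub))   # None or garbage -> not Fred's key
```

Because anyone holding the public key can reverse the transform, this use of the private key gives origin verification, not secrecy, exactly the limitation the text notes for file encryption; in practice the construction is used for digital signatures over a hash of the message rather than over the message itself.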
The most common type of encryption you will run into during evidence analysis is file encryption. For that reason, we focus on symmetric key algorithms.
Both symmetric and asymmetric encryption algorithms share one common trait: you can tell a file is encrypted by examining its contents. The fact that a file is encrypted draws attention to its value. An investigator wants to decrypt a file just because it is encrypted and, therefore, probably contains some data of value.
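A first-pass triage of the kind the text describes, as an added example that is not part of the chapter. Encrypted content has no recognizable header and a near-uniform byte distribution, so the check below looks for a few well-known file signatures and measures Shannon entropy per byte. The sample inputs are constructed inline (an English paragraph, a fake OLE2 header, and seeded pseudo-random bytes standing in for ciphertext); the 7.5-bit threshold is a working assumption, not a figure from the chapter.

```python
import math
import random
from collections import Counter

# Magic numbers (first bytes) of a few common file types.
KNOWN_SIGNATURES = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "OLE2 compound document (Word/Excel 97-2003)"),
    (b"PK\x03\x04", "ZIP archive (also DOCX/XLSX/PPTX)"),
    (b"%PDF", "PDF document"),
    (b"\x89PNG\r\n\x1a\n", "PNG image"),
    (b"\xff\xd8\xff", "JPEG image"),
]


def shannon_entropy(data):
    """Bits of entropy per byte: 0.0 for a single repeated value, 8.0 when all
    256 byte values are equally common. Ciphertext sits near the top."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def identify_signature(data):
    """Name of the first matching known file signature, or None."""
    for magic, name in KNOWN_SIGNATURES:
        if data.startswith(magic):
            return name
    return None


def triage(data, high_entropy=7.5):
    """Short verdict for an examiner deciding where to look harder.
    Caveats: compressed data is also high-entropy, and a recognized container
    (e.g. an OLE2 file) can still hold encrypted streams inside it."""
    sig = identify_signature(data)
    if sig is not None:
        return f"known format: {sig}"
    if shannon_entropy(data) >= high_entropy:
        return "unrecognised header, near-random content: possibly encrypted (or compressed)"
    return "unrecognised header, structured content: probably plain data"


# Constructed samples.
TEXT_SAMPLE = (b"Most commonly, you will recognize encrypted files when an attempt "
               b"to open a file with a known extension fails. Another sign of "
               b"encrypted files is a collection of meaningless filenames.")
OLE2_SAMPLE = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + bytes(1016)
_rng = random.Random(2024)                       # fixed seed: deterministic "ciphertext"
RANDOM_SAMPLE = bytes(_rng.getrandbits(8) for _ in range(4096))


if __name__ == "__main__":
    for name, sample in [("text", TEXT_SAMPLE), ("ole2", OLE2_SAMPLE), ("random", RANDOM_SAMPLE)]:
        print(f"{name:7s} entropy={shannon_entropy(sample):.2f}  {triage(sample)}")
```

Run over a directory, the same three-way split (known header / high entropy / low entropy) sorts files into "open it normally", "examine for encryption or compression", and "inspect as data" piles; the text's failing Word document lands in the second pile.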
There is another approach. Steganography is the practice of hiding a message in a larger message. The original message, or file, becomes the carrier and the hidden message is the payload. Large pictures and sound files make good carriers because they allow the payload to be inserted without changing the original file in an obvious way. Steganographic utilities insert the bytes of the payload into the carrier by slightly changing bytes in the carrier file. If the changed bytes in the carrier are separated by enough original data, the change is unnoticeable. If every 100th pixel in a picture were changed by a single shade of color, the resulting picture would appear identical to the original.
Steganography allows users to embed desired data into seemingly innocent files and messages. A secret message embedded in a picture file can be sent via e-mail as an attachment and raise no suspicion. The ease with which anyone can obtain steganographic utilities makes covert data communication and storage easy.
Intelligence experts suspect that the terrorists who planned and carried out the attacks on New York and Washington, D.C. on September 11, 2001, may have used steganography to communicate with one another. They are suspected of embedding messages in digital pictures and then e-mailing the pictures (and embedded messages) as attachments to normal e-mail messages. The messages looked like common e-mails with attached pictures. The pictures could have been anything. Nothing was there to provide a clue that the pictures held secret messages. That's the power of steganography.
Detecting steganography is difficult. You either have to detect the changes to the carrier file or use statistical analysis to detect an anomaly. Detecting changes to the carrier file requires a noticeable difference that you can see or hear. Statistical analysis is less subjective: it compares the frequency distribution of colors in a picture with the expected frequency distribution of colors for that kind of file. For audio carrier files, a statistical analysis utility would use sound patterns instead of colors.
Another method of detecting steganography is by the presence of steganographic utilities on the suspect machine. Although the mere presence of such software does not prove steganography is in use, it provides the motivation to look harder for carrier files with embedded messages. Few people go to the trouble of acquiring and installing steganographic utilities without using them.
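The carrier-and-payload mechanics and the statistical detection the preceding paragraphs describe, as an added example that is not from the chapter or any steganography product. The carrier is a constructed list of 8-bit grayscale pixel values (a smooth gradient), the payload is a constructed byte string, and the embedding changes each touched pixel by at most one shade, as the text says. The detector compares the least-significant-bit behaviour of each block of pixels against the baseline expected for a smooth carrier; the block size and 0.3 threshold are assumptions chosen for this sample, and a real examination would calibrate the baseline on the actual file type.

```python
def make_carrier(length=2048):
    """Constructed carrier: a slowly rising grayscale gradient, one 8-bit value
    per pixel. Real carriers are image or audio files; a flat pixel list is
    enough to show the mechanics."""
    return [(i // 10) % 256 for i in range(length)]


def _bits(data):
    """Yield the bits of `data`, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(carrier, payload):
    """Hide `payload` in the least significant bit of successive pixels.
    A 4-byte big-endian length prefix tells the extractor where to stop.
    Each altered pixel moves by at most one shade, so the picture looks the same."""
    frame = len(payload).to_bytes(4, "big") + payload
    if len(frame) * 8 > len(carrier):
        raise ValueError("payload does not fit in carrier")
    out = list(carrier)
    for i, bit in enumerate(_bits(frame)):
        out[i] = (out[i] & ~1) | bit
    return out


def extract(stego):
    """Recover a payload hidden by `embed` (what an examiner does once a
    carrier is identified and the embedding scheme is known)."""
    def read_bits(start, count):
        value = 0
        for i in range(start, start + count):
            value = (value << 1) | (stego[i] & 1)
        return value
    length = read_bits(0, 32)
    if 32 + length * 8 > len(stego):
        raise ValueError("length prefix is inconsistent with carrier size")
    return bytes(read_bits(32 + 8 * k, 8) for k in range(length))


def lsb_transition_rate(pixels):
    """Fraction of neighbouring pixel pairs whose least significant bits differ.
    In a smooth carrier the LSB changes rarely; an embedded bit stream makes it
    flip about as often as the payload's own bits do."""
    flips = sum((pixels[i] & 1) != (pixels[i + 1] & 1)
                for i in range(len(pixels) - 1))
    return flips / (len(pixels) - 1)


def suspicious_blocks(pixels, block=256, threshold=0.3):
    """Indices of fixed-size blocks whose LSB statistics depart from the baseline.
    This is the anomaly test the text describes, in its simplest form."""
    return [b for b in range(len(pixels) // block)
            if lsb_transition_rate(pixels[b * block:(b + 1) * block]) > threshold]


# Constructed sample data.
PAYLOAD = b"constructed sample payload for the steganography demo".ljust(60, b".")
CARRIER = make_carrier()
STEGO = embed(CARRIER, PAYLOAD)


if __name__ == "__main__":
    print(extract(STEGO) == PAYLOAD)             # True
    print(suspicious_blocks(CARRIER))            # []
    print(suspicious_blocks(STEGO))              # [0, 1]: the two blocks holding the payload
```

Natural photographs are noisier than this gradient, so in practice the baseline comes from clean files of the same type rather than from an assumption of smoothness; the structure of the test (expected distribution versus observed, block by block) stays the same.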
Here are a few steganographic utilities. Look at several of these for more information about and examples of how steganography works:
  - Steganos Security Suite
Remember that the appeal of steganography is that its very nature masks the existence of the message. You can look at a suspect drive and overlook embedded data if you aren't careful. Look for utilities that create steganographic files. Also look for files that would make good carriers. If the circumstantial evidence points to hidden data, chances are steganography is in use.
Next, we'll look at the quality of encryption by considering key length and key management.